16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: cfg80211 – Handle SSID-based PMKSA deletion wpasupplicant 2.11 sends commands for PMKSA flush based on SSID from version 1efdba5fdc2c “Handle PMKSA flush in the driver for SAE/OWE offload cases”. The brcmfmac...
CVE-2019-12587
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...
Linux Distros Unpatched Vulnerability : CVE-2023-53715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It...
DEBIAN-CVE-2023-53715
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
CVE-2023-53715 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
CVE-2023-53715 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
EUVD-2019-4181
Malware in sbrugna...
Updated hostapd & wpa_supplicant packages fix security vulnerability
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
CVE-2023-52424
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
CVE-2023-52424
CVE-2023-52424 describes an SSID confusion vulnerability in IEEE 802.11 where the SSID is not always used to derive PMK/session keys and the 4‑way handshake may proceed without a protected SSID exchange. An adjacent attacker can lure victims to connect to an unintended/untrusted network using Hom...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption in the WLAN Host when deserializing input PMK bytes without checking the input PMK length...
PT-2023-21827 · Qualcomm · Qualcomm Chipsets
Name of the Vulnerable Software and Affected Versions: Qualcomm Chipsets affected versions not specified Description: The issue is related to memory corruption in the WLAN host, which occurs when deserializing input PMK bytes without checking the input PMK length. This can potentially lead to cod...
Qualcomm Chip Buffer Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from a buffer error vulnerability that...
PT-2023-8443 · Qualcomm · Wlan Firmware +1
Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform affected versions not specified Description: The issue is related to memory corruption in WLAN Firmware, specifically during a memory copy of the pmk cache. This can be exploited by a remote attacker to execute...
CVE-2019-12587
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...
CVE-2019-12587
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...